UWSS stands for Uber Web Security Scanner is an opensource tool which can also act as a fuzzer whose objective is to probe the application with various crafted attack strings.
- Generic : UWSS simple sends requests without any additional steps.
- Dynamic keys : UWSS parses the current tokens befor esending any POST requests in this mode.
Currently attack techniques are support by the tool is follow as:
- Cross-Site-Scripting
- XML-injection
- OS command execution
- File-inclusion (local/remote)
- Perl-injection
- SQL Ijection
- LDAP-injection
- SOAP-injection
- PHP-injection
This application run on command line and programmed in python. Authors are Noptrix & illuminatus.
Download from here
nice tool! hope it becomes better and will be developed…
Any idea why this happened?
D:\PenTest\Web\uwss>python uwss.py
Traceback (most recent call last):
File “uwss.py”, line 29, in
from uconfig.uController import *
File “D:\PenTest\Web\uwss\uconfig\uController.py”, line 25, in
from uconfig.uXml import *
File “D:\PenTest\Web\uwss\uconfig\uXml.py”, line 25, in
import libxml2
ImportError: No module named libxml2
D:\PenTest\Web\uwss>
You are facing dependencies problem. Install this package, if you find any other dependencies errors paste it here. I use most of the tools on Linux.